Duo News & Press

Machine learning-driven analytics enable rapid response to malicious access attempts that increasingly bypass traditional security measures

Ann Arbor, Mich., May 31, 2018 - Duo Security, a leading provider of zero-trust security for the enterprise, today announced enhancements to its flagship platform, Duo Beyond, that will enable organizations to automate detection of anomalous user behavior and malicious access attempts. Utilizing machine learning-driven User and Entity Behavior Analytics (UEBA), these enhancements will be available through a beta program open to existing Duo customers on an opt-in basis.

The adoption of cloud-based business applications, Bring Your Own Device (BYOD) policies, and an increasingly mobile workforce that requires access to corporate resources from anywhere and at any time, multiply the opportunities for attackers to steal user credentials. Credential theft and account takeover are more prevalent than ever, as highlighted in the 2018 Verizon Data Breach Investigations Report (DBIR) that identified stolen credentials and phishing as two of the top three most common means of breach.

These trends also make it extremely difficult for organizations that rely solely on the rigid alert rules of Security Information and Event Management systems (SIEMs) and traditional threat detection systems to accurately identify which user behaviors may constitute a malicious attempt to use compromised credentials. On top of the enormous costs associated with deploying traditional SIEMs and monitoring solutions, organizations are faced with maintaining an increasingly complex system of rules requiring them to sift through countless alerts, leading to alert fatigue and diminishing value.

Duo Beyond delivers a zero-trust security platform that enables organizations to help prevent security breaches caused by compromised credentials by basing application access decisions on the trust established in user identities and the trustworthiness of their devices, as well as the context surrounding each access attempt.

Enhanced by the advanced UEBA capabilities announced today, this platform uses machine learning algorithms to analyze usage data to detect anomalous and potentially malicious access behaviors, enabling organizations to mount a rapid response. This capability will also deliver a far more scalable, automated, and dynamic solution as compared to traditional, strictly rules-based alerting systems that require IT admins to manually identify, investigate, and research thousands of potentially malicious logins per day.

Duo’s advanced UEBA and threat detection capability will require no initial setup, delivering rapid time-to-value and lower total cost of ownership to organizations that otherwise shy away from threat detection systems that are prohibitively expensive to set up and maintain.

This new threat detection capability beta program is open to existing Duo Security customers, who are encouraged to contact their account representatives to learn more about how to participate in this program.

For more information, please visit duo.com or contact your account representative.

About Duo Security

Duo Security helps defend organizations against data breaches by making security easy and effective. Duo Beyond, the company's category defining zero-trust security platform, enables organizations to provide trusted access to all of their critical applications, for any user, from anywhere, and with any device. The company is a trusted partner to more than 10,000 customers globally, including Dresser-Rand, Etsy, Facebook, K-Swiss, Random House, Yelp, Zillow, Paramount Pictures, and more. Founded in Michigan, Duo has offices in Ann Arbor and Detroit, as well as growing hubs in Austin, Texas; San Mateo, California; and London, UK. Visit Duo.com to find out more.